The RSA Cryptosystem: Attacks and Implementation Dangers

Andrew Lindell

USA 2011 Weekend Training Session //July 31

Overview:

Every security professional knows the basics of encryption, but do they really know how
it works? The fact is that we often look at cryptographic primitives as mystical black
boxes. This is sometimes advantageous but can also lead to misunderstandings and
mistakes. For example, a deep understanding of how cryptosystems are built and
broken makes it clear why it is so important to use only standardized schemes. Similarly,
in order to properly determine what key lengths must be used for public-key encryption,
digital signatures, and key exchange, we need to know what the best algorithms are for
attacking these schemes and how they work. Furthermore, we need to look at the
history and development of these attacks in order to make safe predictions for the
coming decade. Finally, many cryptosystems are broken due to implementations that
seem robust but actually leave the door wide open to attack. Without an understanding
of these often surprising and elegant attacks, it is almost impossible to implement
crypto properly.

In this one-day intensive course, we will focus on the RSA cryptosystem in great depth.
Participants will gain a thorough understanding of how the RSA cryptosystem works and
the main algorithmic issues that arise when implementing it. In addition, we will study
attacks on RSA with a focus on the lessons learned from these attacks. We conclude
with a session on choosing key-lengths for RSA-based cryptosystems, based on a
comprehensive understanding of the issues involved.

In addition to frontal lectures, this one-day course includes interactive exercise sessions
in order to ensure a good understanding of the material studied.

This course is essential to developers who need to understand cryptographic primitives
in depth in order to properly use them and also to security professionals who need to
make truly informed decisions about what products to use and why.

Note:this is a single day course (Sunday only).

Prerequisites:

This course will assume mathematical maturity, but no specific mathematical
knowledge. For example, it is not assumed that the students know modular arithmetic
and number theory, but it is assumed that if explained, they will catch on fairly quickly.
In addition, participants should be familiar and comfortable with very basic probability,
with the notions of algorithms and with basic notions of computer science.

What to bring:

Students should bring paper, pens, and calculators. Laptops are helpful, but not required.

Trainer:

Andrew (Yehuda) Lindell is an Associate Professor at Bar-Ilan University in Israel.
Andrew attained a Ph.D. at the Weizmann Institute of Science in 2002 and spent two
years at the IBM T.J. Watson research lab as a Postdoctoral fellow in the cryptography
research group. Andrew has carried out extensive research in cryptography, and has
published more than 60 conference and journal publications, as well as an
undergraduate textbook on cryptography and a book detailing secure protocols. Andrew
has presented at numerous international conferences, workshops and university
seminars, and has served on program committees for top international conferences in
cryptography. In addition to Andrew's notable academic work, he has significant
industry experience and has worked on the cryptographic and security issues that arise
in the design and construction of authentication schemes, smartcard applications,
software protection schemes and more.